Jordan Justen [Tue, 23 Jun 2015 23:34:33 +0000 (23:34 +0000)]
BaseTools/Tests: Verify 32-bit UTF-8 chars are rejected
Since UTF-8 .uni unicode files might contain strings with unicode code
points larger than 16-bits, and UEFI only supports UCS-2 characters,
we need to make sure that BaseTools rejects these characters in UTF-8
.uni source files.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17697 6f19259b-4bc3-4df7-8a09-765794883524
Jordan Justen [Tue, 23 Jun 2015 23:34:28 +0000 (23:34 +0000)]
BaseTools/UniClassObject: Support UTF-8 string data in .uni files
This allows .uni input files to be encoded with UTF-8. Today, we only
support UTF-16 encoding.
The strings are still converted to UCS-2 data for use in EDK II
modules. (This is the only unicode character format supported by UEFI
and EDK II.)
Although UTF-8 would allow any UCS-4 character to be present in the
source file, we restrict the entire file to the UCS-2 range.
(Including comments.) This allows the files to be converted to UTF-16
if needed.
v2:
* Drop .utf8 extension. Use .uni file for UTF-8 data (mdkinney)
* Merge in 'BaseTools/UniClassObject: Verify string data is 16-bit'
commit
v3:
* Restrict the entire file's characters (including comments) to the
UCS-2 range in addition to string data. (mdkinney)
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17696 6f19259b-4bc3-4df7-8a09-765794883524
Jordan Justen [Tue, 23 Jun 2015 23:34:19 +0000 (23:34 +0000)]
BaseTools/UniClassObject: Verify valid UCS-2 chars in UTF-16 .uni files
Supplementary Plane characters can exist in UTF-16 files,
but they are not valid UCS-2 characters.
For example, refer to this python interpreter code:
>>> import codecs
>>> codecs.encode(u'\U00010300', 'utf-16')
'\xff\xfe\x00\xd8\x00\xdf'
Therefore the UCS-4 0x00010300 character is encoded as two
16-bit numbers (0xd800 0xdf00) in a little endian UTF-16
file.
For more information, see:
http://en.wikipedia.org/wiki/UTF-16#U.2B10000_to_U.2B10FFFF
This means that our current BaseTools code could be allowing
unsupported UTF-16 characters be used. To fix this, we decode the file
using python's utf-16 decode support. Then we verify that each
character's code point is 0xffff or less.
v3:
* Based on Mike Kinney's feedback, we now read the whole file and
verify up-front that it contains valid UCS-2 characters. Thanks
also to Laszlo Ersek for pointing out the Supplementary Plane
characters.
v4:
* Reject code points in 0xd800-0xdfff range since they are reserved
for UTF-16 surrogate pairs. (lersek)
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17694 6f19259b-4bc3-4df7-8a09-765794883524
Jordan Justen [Tue, 23 Jun 2015 23:34:04 +0000 (23:34 +0000)]
BaseTools/Tests: Always add BaseTools source to import path
This allows unit tests to easily include BaseTools python
modules. This is very useful for writing unit tests.
Actually, previously, we would do this when RunTests.py was executed,
so unit tests could easily import BaseTools modules, so long as they
were executed via RunTests.
This change allows running the unit test files individually which can
be faster for developing the new unit test cases.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Yingke Liu <yingke.d.liu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17691 6f19259b-4bc3-4df7-8a09-765794883524
Under such circumstances, the va_start() macro invocation in
ERR_add_error_data() -- which is translated to VA_START() by
"CryptoPkg/Include/OpenSslSupport.h" -- results in EFIAPI-dependent code,
but callers of the function pass the arguments incorrectly, because the
declaration doesn't state EFIAPI.
This leads to crashes when ERR_add_error_vdata(), called by
ERR_add_error_data(), tries to access the arguments forwarded to it.
Restore the missing hunk from before SVN r17633.
Cc: Qin Long <qin.long@intel.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Gary Ching-Pang Lin <glin@suse.com> Cc: Peter Jones <pjones@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Peter Jones <pjones@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17689 6f19259b-4bc3-4df7-8a09-765794883524
Liming Gao [Tue, 23 Jun 2015 10:48:30 +0000 (10:48 +0000)]
SecurityPkg: Fix wrong calculation of ImageExeInfoEntrySize
Per UEFI spec, EFI_IMAGE_EXECUTION_INFO structure is updated to comment
Signature field. So, its structure doesn't include Signature field. But,
ImageExeInfoEntrySize uses its structure size minor Signature size. It
will be corrected in this change.
Laszlo Ersek [Mon, 22 Jun 2015 17:11:05 +0000 (17:11 +0000)]
OvmfPkg: PlatformPei: set SMBIOS entry point version dynamically
Git commit 54753b60 (SVN r16870), "MdeModulePkg: Update SMBIOS revision to
3.0." changed PcdSmbiosVersion from 0x0208 to 0x0300. This controls the
version number of the SMBIOS entry point table (and other things) that
"MdeModulePkg/Universal/SmbiosDxe" installs.
Alas, this change breaks older Linux guests, like RHEL-6 (up to RHEL-6.7);
those are limited to 2.x (both in the guest kernel firmware driver, and in
the dmidecode utility). The SMBIOS 3.0 entry point has a different GUID --
defined in UEFI 2.5 -- pointing to it in the UEFI Configuration Table, and
guest kernels that lack upstream kernel commit e1ccbbc9d5 don't recognize
it.
The v2.1.0+ machine types of QEMU generate SMBIOS payload for the firmware
to install. The payload includes the entry point table ("anchor" table).
OvmfPkg/SmbiosPlatformDxe cannot install the anchor table (because that is
the jurisdiction of the generic "MdeModulePkg/Universal/SmbiosDxe"
driver); however, we can parse the entry point version from QEMU's anchor
table, and instruct "MdeModulePkg/Universal/SmbiosDxe" to adhere to that
version.
On machine types older than v2.1.0, the feature is not available, but
then, should anything in OVMF install SMBIOS tables, version 2.8 is simply
safer / more widely supported than 3.0 -- hence the default 2.8 value for
the dynamic PCD.
We set the PCD in PlatformPei (when not on the S3 resume path), because
that's an easy and certain way to set the PCD before a DXE driver reads
it. This follows the example of PcdEmuVariableNvStoreReserved (which is
read by EmuVariableFvbRuntimeDxe).
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1232876 Cc: Gabriel Somlo <somlo@cmu.edu> Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Acked-by: Gabriel Somlo <somlo@cmu.edu>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17676 6f19259b-4bc3-4df7-8a09-765794883524
Qin Long [Fri, 19 Jun 2015 02:46:51 +0000 (02:46 +0000)]
CryptoPkg: Add some comments for API usage clarification.
This patch adds some comments for API usage clarification, and
adds one object initialization in X509ConstructCertificateStack
implementation to fix possible memory release issue.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17671 6f19259b-4bc3-4df7-8a09-765794883524
Qin Long [Fri, 19 Jun 2015 02:45:06 +0000 (02:45 +0000)]
SecurityPkg: Add UEFI-2.5 PKCS7 Verification Protocol Support
This patch adds the support for PKCS7 Verification Protocol which
was defined in UEFI 2.5.
(NOTE: The VerifySignature interface was not supported in this
version, due to openssl interface limitation)
Qiu Shumin [Fri, 19 Jun 2015 01:58:09 +0000 (01:58 +0000)]
MdeModulePkg: Enhance the comments for PiSmmCoreMemoryAllocationLib instance.
Per PI spec all allocation of SMRAM should use EfiRuntimeServicesCode or EfiRuntimeServicesData.
So SMM instance use EfiRuntimeServicesCode as the default memory allocation type instead of EfiBootServicesData.
This patch clarify this usage in comments.
Qiu Shumin [Fri, 19 Jun 2015 01:56:15 +0000 (01:56 +0000)]
MdePkg: Enhance the comments for SmmMemoryAllocationLib instance.
Per PI spec all allocation of SMRAM should use EfiRuntimeServicesCode or EfiRuntimeServicesData.
So SMM instance use EfiRuntimeServicesCode as the default memory allocation type instead of EfiBootServicesData.
This patch clarify this usage in comments.
Yingke Liu [Fri, 19 Jun 2015 01:43:45 +0000 (01:43 +0000)]
BaseTools: Fixed Build Option override bugs.
if '==' is specified, it overrides all options that specified by '='; if no '==' is specified, all options that match current build criteria are combined.
Star Zeng [Thu, 18 Jun 2015 09:26:41 +0000 (09:26 +0000)]
MdeModulePkg PiSmmCore: Introduce SMM Exit Boot Services and Legacy Boot.
And also SMM Ready To Boot.
The SMM Exit Boot Service protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_GROUP_EXIT_BOOT_SERVICES
to notify SMM driver that system enter exit boot services.
The SMM Legacy Boot protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_LEGACY_BOOT_GUID
to notify SMM driver that system enter legacy boot.
The SMM Ready To Boot protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_GROUP_READY_TO_BOOT
to notify SMM driver that system enter ready to boot.
After them, any SMM drivers can get protocol notify on what happened
in DXE phase, then there is no need to let each individual SMM driver
to register SMM Communication Handler for that.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17657 6f19259b-4bc3-4df7-8a09-765794883524
Dandan Bi [Wed, 17 Jun 2015 09:36:35 +0000 (09:36 +0000)]
MdeModulePkg:System hangs in setup menu
System hangs when RTC time rollover 1999 to 2000
Error processing of GetTime function:
If get time fail,the date/time will display ??,
and update help info to let user know get time fail.
Ard Biesheuvel [Tue, 16 Jun 2015 15:09:19 +0000 (15:09 +0000)]
CryptoPkg: add .gitignore for OpenSSL source files
Add a .gitignore that masks the OpenSSL header files under
Include/openssl and the OpenSSL source files under
Library/OpensslLib/openssl-*. This prevents Git from considering
any of these files for addition, and prevents other clutter in
the git status output.
Ard Biesheuvel [Tue, 16 Jun 2015 14:27:18 +0000 (14:27 +0000)]
ArmVirtPkg: increase memory preallocations for secure build
This is a followup to r17554 ("ArmVirtPkg: increase memory
preallocations to reduce region count") that increases the sizes
of the preallocated regions to account for the footprint of the
crypto and authentication libraries. This is only done if secure
boot is enabled at build time, to prevent imposing a larger minimum
RAM size on non-secure builds.
Jeff Fan [Tue, 16 Jun 2015 02:55:54 +0000 (02:55 +0000)]
UefiCpuPkg/CpuDxe: Get CPU BIST information from Guided HOB
Get CPU BIST information from gEfiSecPlatformInformation2PpiGuid or
gEfiSecPlatformInformationPpiGuid Guided HOB and update the CPU healthy status
for CPU MP Service.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Feng Tian <feng.tian@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17641 6f19259b-4bc3-4df7-8a09-765794883524
Qiu Shumin [Fri, 12 Jun 2015 11:20:53 +0000 (11:20 +0000)]
ShellBinPkg: Ia32/X64 Shell binary update.
The binaries of ShellBinPkg are generated with ShellPkg project 17584. The binaries are built with no debug information by building with "RELEASE" target.
The previous submitted Shell binaries (r17619) linked the wrong lib instance. This check in fix the issue.
Star Zeng [Thu, 11 Jun 2015 10:24:36 +0000 (10:24 +0000)]
MdeModulePkg Variable: Move VariableLock install into SmmVariableReady().
VariableLock in VariableSmmRuntimeDxe.c is installed in EntryPoint now.
It works based on SMM variable handler by SMM communication with
payload buffer. But the payload buffer and SMM variable handler will
be not ready in EntryPoint before SmmVariableReady() call back.
VarCheck in VariableSmmRuntimeDxe.c has the same issue,
so move VarCheck install into SmmVariableReady() also.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17626 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Thu, 11 Jun 2015 10:23:44 +0000 (10:23 +0000)]
SecurityPkg Variable: Move VariableLock install into SmmVariableReady().
VariableLock in VariableSmmRuntimeDxe.c is installed in EntryPoint now.
It works based on SMM variable handler by SMM communication with
payload buffer. But the payload buffer and SMM variable handler will
be not ready in EntryPoint before SmmVariableReady() call back.
VarCheck in VariableSmmRuntimeDxe.c has the same issue,
so move VarCheck install into SmmVariableReady() also.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17625 6f19259b-4bc3-4df7-8a09-765794883524
Ruiyu Ni [Thu, 11 Jun 2015 07:14:18 +0000 (07:14 +0000)]
PcAtChipsetPkg/PcRtc: Fix a Y2K bug
The original driver cannot handle the case when system time runs from 1999/12/31 23:59:59
to 2000/1/1 0:0:0.
A simple test to set system time to 1999/12/31 23:59:59 can expose this bug.
The patch limits the driver to only support year in 100 range and decide the century value based
on the supporting range: Century either equals to PcdMinimalYear / 100 or equals to PcdMinimalYear / 100 + 1.
The patch passed the Y2K test.
However with year range [1998, 2097], when system time is 2097/12/31 23:59:59,
the next second system time will become 1998/1/1 0:0:0. I think it's a acceptable limitation.
Qiu Shumin [Thu, 11 Jun 2015 02:32:52 +0000 (02:32 +0000)]
ShellBinPkg: Ia32/X64 Shell binary update.
The binaries of ShellBinPkg are generated with ShellPkg project 17584. The binaries are built with no debug information by building with "RELEASE" target.
Star Zeng [Wed, 10 Jun 2015 07:52:12 +0000 (07:52 +0000)]
SecurityPkg Variable: Support the new introduced PcdMaxAuthVariableSize.
1. If PcdMaxAuthVariableSize is set to 0, keep current behavior as is and
PcdMaxVariableSize used.
2. If PcdMaxAuthVariableSize is set to non 0, it will work on
authenticated variables.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17610 6f19259b-4bc3-4df7-8a09-765794883524
Currently, Max Authenticated variable size = Max Regular Variable Size,
and both are controlled via a single PCD:
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize.
This PCD is introduced to control the Max Size of Authenticated Variable.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17609 6f19259b-4bc3-4df7-8a09-765794883524
Jeff Fan [Wed, 10 Jun 2015 01:45:18 +0000 (01:45 +0000)]
SourceLevelDebugPkg/DxeDebugAgent: Initialize Local APIC Timer
Now Debug Agent library uses Local APIC Timer to implement time-out mechanism.
For AP, its local APIC timer may not work. This fix is to initialize Local
APIC timer if it doesn't work as expected when debugging AP function.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17604 6f19259b-4bc3-4df7-8a09-765794883524
Yao, Jiewen [Wed, 10 Jun 2015 00:26:48 +0000 (00:26 +0000)]
Fix logic error on SectionAlignment calculation.
The correct logic should be:
- The SectionAlignment is got from Magic number.
- The Magic number is got from PE header and machine type.
The original code mix them.
This patch initialises root complex register block BAR in order to
support TCO watchdog emulation features (e.g. reboot upon NO_REBOOT bit
not set) on QEMU.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Paulo Alcantara <pcacjr@zytor.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17601 6f19259b-4bc3-4df7-8a09-765794883524
Star Zeng [Tue, 9 Jun 2015 09:41:50 +0000 (09:41 +0000)]
MdeModulePkg PiSmmCore: Free FullSmramRanges at error condition.
1. In PiSmmIpl.c, free FullSmramRanges at error condition.
2. Move pool and page management definitions and structures
from PiSmmCorePrivateData.h to PiSmmCore.h.
PiSmmCorePrivateData.h should be only used to share SMM_CORE_PRIVATE_DATA
between PiSmmCore and PiSmmIpl. Pool and page management definitions
and structures were moved from Pool.c and Page.c to PiSmmCorePrivateData.h
incorrectly for memory profile feature at EDK2 R16335 commit.
3. DumpSmramInfo() only used for memory profile, so move the declaration
into SmramProfileRecord.c.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17598 6f19259b-4bc3-4df7-8a09-765794883524
Ard Biesheuvel [Tue, 9 Jun 2015 09:28:06 +0000 (09:28 +0000)]
ArmPkg: reduce sysreg access count in GIC revision probe
Accesses to system registers are disproportionately heavy-weight
when executed under virtualization, since each one involves two
world switches (from guest to host and back again).
So change the sequence that enables the GIC SRE interface so that
it performs only a single sysreg read to test whether the SRE
interface is enabled already, and only performs a write and an
additional read if that turns out not to be the case.
Dandan Bi [Tue, 9 Jun 2015 05:09:50 +0000 (05:09 +0000)]
EDKII:Display engine should not depend on the framework code
Display engine base on class opcode to detect whether in
front page.Now remove class/subclass and use FormsetGuid
or ClassGuid to judge whether in front page